Secure multi-party computation: Information flow of outputs and game theory

Abstract

Secure multiparty computation enables protocol participants to compute the output of a public function of their private inputs whilst protecting the confidentiality of their inputs. But such an output, as a function of its inputs, inevitably leaks some information about input values regardless of the protocol used to compute it. We introduce foundations for quantifying and understanding how such leakage may influence input behaviour of deceitful protocol participants as well as that of participants they target. Our model captures the beliefs and knowledge that participants have about what input values other participants may choose. In this model, measures of information flow that may arise between protocol participants are introduced, formally investigated, and experimentally evaluated. These information-theoretic measures not only suggest advantageous input behaviour to deceitful participants for optimal updates of their beliefs about chosen inputs of targeted participants. They also allow targets to quantify the information-flow risk of their input choices. We show that this approach supports a game-theoretic formulation in which deceitful attackers wish to maximise the information that they gain on inputs of targets once the computation output is known, whereas the targets wish to protect the privacy of their inputs.